Order
Toll-free 24/7:
+1 (347) 809-8481
Order

Auditing Critique

Source Article

Information Systems Risk and Audit Planning by Jean C. Bedard, Lynford Graham and Cynthia Jackson.  International Journal of Auditing. Int. J. Audit. 9: 147–163 (2005)

Get your 100% original paper on any topic done
in as little as 4 hours
Write My Essay

The purpose of the above research article is to provide empirical evidence on the nature and frequency of client characteristics affecting audit planning relevant to systems risk, and to assess the association of these characteristics with auditors’ systems risk assessments and audit planning decisions.

Research Definition

From Wikipedia: The word research derives from Middle French; its literal meaning is ‘to investigate thoroughly’. Research is often described as an active, diligent, and systematic process of inquiry aimed at discovering, interpreting, and revising facts. This intellectual investigation produces a greater understanding of events, behaviors, or theories, and makes practical applications through laws and theories. The term research is also used to describe a collection of information about a particular subject, and is usually associated with science and the scientific method.

Keeping the above definitions of research in mind the article “Information Systems Risk and Audit Planning” by Jean C. Bedard, Lynford Graham and Cynthia Jackson can be categorized as a research article as the writers seem to have followed the basic structure and completed the investigative requirements. The researchers have attempted to provide empirical evidence on the consideration of information systems risk in a financial statement audit. This is a key issue because the importance of information systems to businesses has increased steadily over the past decade, as has the importance of internal control to companies and to their auditors.

Research Method

The writers have used empirical research to approach this topic as also identified in the article itself. The basic aim of the article was to provide empirical evidence on the consideration of information systems risk in a financial statement audit. To perform the study, they described the types of client characteristics identified by the auditors as being relevant to planning, and relate those characteristics to systems risk  assessments and testing plans. Generally, empirical research is any research that bases its findings on direct or indirect observation as its test of reality. In this research initially focus groups consisting of partners and managers of the participating organization were employed which helped to determine the research task. This seems to be an appropriate method espcially when specific statements from the firm’s decision aid for risk identification and assessment had to be identified. In ranking risk areas on appropriateness for the study, the focus groups considered such factors as the importance of the risk area in audit planning, its application to a broad range of clients, and its potential for differentiating more from less risky clients. Among these issues are the two systems risk areas considered in this study, previously described: (1) whether top management sufficiently oversees and addresses the risks related to data security and EDP system security for critical information systems; and (2) whether there are weaknesses in the relevance, completeness, timeliness and reliability of management information used by the company to monitor enterprise activity.

Finally, data for this study were collected from auditors serving on engagement teams for various clients of two accounting firms (now among the Big 4), in the presence of one of the authors. Selection and scheduling of participants were accomplished with the assistance of a contact person at each firm, who was only aware that the study concerned audit planning. Due to client confidentiality concerns, the authors were unaware of the identity of the clients on which the participants were responding. Participants responded to a questionnaire about characteristics of one of their actual clients, which was selected in advance of the research session.

Research Questions and their Effectiveness

In the article three research questions have been formulated to acquire understanding of the research problem:

1.      What is the nature of systems risk factors identified by auditors as important in engagement planning?

2.      Which types of client characteristics are associated with differences in risk assessments?

3.      Which types of risk factors are associated with planning specific types of audit tests?

The first research question concerns the nature of client risk characteristics present in a representative sample of audit clients. The second research question relates to the association of client characteristics and risk assessments within each risk area. Auditing standards note that auditors should respond to engagement risks by increasing their risk assessments and altering the nature, timing, and extent of audit procedures. The third and final research question considers the role of system risk factors in planning audit tests. As noted previously, auditing standards indicate that auditors should adjust the audit plan to reflect client risk factors.

The above research questions seem satisfactory to warrant an answer and also are inline with the research objective specified at the start of the article: “To provide empirical evidence on the consideration of information systems risk in a financial statement audit.” This has been stated since the first question instigates an answer which covers the initial planning phase when risk assessment for any client is being done and also the identification of client characteristics to understand the differences is being carried out in the second question and finally the understanding of risk factors which may be related to EDP or Management information quality risk assessment.

The rationale for the study has been effectively incorporated in the Background section with the research questions which forms a basis for their justification. As the reader goes through the research paper it can be appreciated that the authors have clearly specified their objective initially and they have also clearly mentioned the research questions and their importance to the study and how each of the three questions helps to solve the research task.

Implications and Key Limitations of the Research

One of the major limitations of this type of research is the confidential nature of information with which the researchers deal with and the obvious reluctance being shown by the managers and partners participant organization to share such information.

Another limitation is that the researchers examined the auditors’ memories of client conditions – essentially, the researchers studied how auditors assess risk and plan tests in light of conditions that they identify. Thus, in contrast to behavioral experiments, the design of this study could not assess memory accuracy. An alternative means of addressing the questions studied is through an archival study of audit workpapers. In contrast to this study of individual responses, audit workpapers capture the end product of group decisions. Further research should address whether the results of this study hold using behavioral and/or archival approaches.

Despite the key role of information systems in corporate control and in financial statement audits, the authors could not find any research which could provide evidence on the nature of risk characteristics commonly present in business systems, and the implications of such risks for audit planning. This study addressed this research gap by examining two crucial areas of information systems risk: EDP security and management information quality. These risk-areas encompass the physical and electronic integrity of client systems, and the appropriateness of information contained in those systems, respectively.

Identification of Research Conclusions and Results

The conclusions and results of the study have been mentioned twice which informs the reader about researchers’ intentions and the level of achievement of research objectives. Initially the article summary informs the reader about the main findings and finally their description can be found in the Discussion section.

The main findings of the study encompass two major aspects. The first is the lack of significant association between risk factors and risk assessments in the EDP security risk area, while strong associations were found in management information quality. The second is that control environment factors affect planning in management information quality, but not in EDP security. The recent high-profile cases of corporate fraud, featuring possible management override of controls, emphasize that auditors must react appropriately to issues of information system security and management style/competence. Thus, the results support the recent emphasis on internal controls in US and international auditing standards.

 This study addresses this research gap by examining two crucial areas of information systems risk: EDP security and management information quality. To address this issue, the researchers asked participating auditors to document the frequency of specific client characteristics in these two risk areas, which they consider when planning for an actual client engagement. The researchers also asked that they provide a risk assessment within each risk area, and to plan audit procedures to address the identified risks. Results show that auditors predominately identified client characteristics that would increase systems risk (i.e., negative characteristics, commonly termed risk factors), although some positive characteristics that would decrease systems risk were also identified. The most frequent risk factors identified in the area of EDP security are related to system security controls, outdated systems, and management style/attitude. In the management information area, the most frequently identified risk factors relate to the nature of information produced by client systems, followed by factors relating to management style/attitude and management competence.

Areas of Further Research

As mentioned in the article that in contrast to behavioral experiments, the design of this study could not assess memory accuracy. An alternative means of addressing the questions studied is through an archival study of audit workpapers. In contrast to this study of individual responses, audit workpapers capture the end product of group decisions. Further research should address whether the results of this study hold using behavioral and/or archival approaches.

Overall Effectiveness of the Exercise

This exercise proved to be a tremendous learning experience as far as understanding of research articles and the way they should be approached is concerned. To write a critique on a research article requires a thorough understanding of the basics of writing a research article, various research methods to use and how to conduct the research itself with an appropriate research design.

References

     Jean C. Bedard, Lynford Graham & Cynthia Jackson. (2005) Information Systems Risk and Audit Planning.  International Journal of Auditing. Int. J. Audit. 9: 147–163 (2005)

We will write a custom Essay on Auditing Critique specifically for you for only $16.05 $13/page

805 certified writers online

Order Now

Need help with your Assignment?

Give us your paper requirements,and we’ll deliver the highest-quality essay at only $13 a page.

Order with discount
Calculate the price
Make an order in advance and get the best price
Pages (550 words)
$0.00
*Price with a welcome 15% discount applied.
Pro tip: If you want to save more money and pay the lowest price, you need to set a more extended deadline.
We know how difficult it is to be a student these days. That's why our prices are one of the most affordable on the market, and there are no hidden fees.

Instead, we offer bonuses, discounts, and free services to make your experience outstanding.
How it works
Receive a 100% original paper that will pass Turnitin from a top essay writing service
step 1
Upload your instructions
Fill out the order form and provide paper details. You can even attach screenshots or add additional instructions later. If something is not clear or missing, the writer will contact you for clarification.
Pro service tips
How to get the most out of your experience with MyhomeworkGeeks
One writer throughout the entire course
If you like the writer, you can hire them again. Just copy & paste their ID on the order form ("Preferred Writer's ID" field). This way, your vocabulary will be uniform, and the writer will be aware of your needs.
The same paper from different writers
You can order essay or any other work from two different writers to choose the best one or give another version to a friend. This can be done through the add-on "Same paper from another writer."
Copy of sources used by the writer
Our college essay writers work with ScienceDirect and other databases. They can send you articles or materials used in PDF or through screenshots. Just tick the "Copy of sources" field on the order form.
Testimonials
See why 20k+ students have chosen us as their sole writing assistance provider
Check out the latest reviews and opinions submitted by real customers worldwide and make an informed decision.
fin571
EXCELLEN T
Customer 452773, March 21st, 2024
Social Work and Human Services
Great work I would love to continue working with this writer thought out the 11 week course.
Customer 452667, May 30th, 2021
Leadership Studies
excellent job as always
Customer 452773, September 2nd, 2023
Humanities
Thank youuuu
Customer 452729, May 30th, 2021
Business and administrative studies
excellent work
Customer 452773, March 12th, 2023
Management
Thank you!!! I received my order in record timing.
Customer 452551, February 9th, 2021
History
Don't really see any of sources I provided, but elsewise its great, thank you!
Customer 452697, May 8th, 2021
Criminal Justice
This has been the greatest help while I am recovering from an illness. Thank your team so much.
Customer 452671, May 2nd, 2021
FIN571
excellent
Customer 452773, March 15th, 2024
ACC543MANAGERIALACCOUNTINGANDLEGALASPECTS
excellent
Customer 452773, January 25th, 2024
Business and administrative studies
excellent job
Customer 452773, March 12th, 2023
FIN571
excellent work
Customer 452773, March 1st, 2024
11,595
Customer reviews in total
96%
Current satisfaction rate
3 pages
Average paper length
37%
Customers referred by a friend
OUR GIFT TO YOU
15% OFF your first order
Use a coupon FIRST15 and enjoy expert help with any task at the most affordable price.
Claim my 15% OFF Order in Chat
Check the price of your paper
Show more
Close

Sometimes it is hard to do all the work on your own

Let us help you get a good grade on your paper. Get professional help and free up your time for more important courses. Let us handle your;

  • Dissertations and Thesis
  • Essays
  • All Assignments

  • Research papers
  • Terms Papers
  • Online Classes
Order with discount
Before you leave
Receive a guaranteed discount when ordering four or more pages
4
You'll get 15% discount
use discount
Live ChatWhatsApp